Please note, MISTI is in the process of changing our payment details. Please contact us for further details and on ways to pay at misti@misti.com or +44 (0) 203 819 0800. We are sorry for any inconvenience.

Innovation: The New Imperative for Internal Audit

By Terry Hatherell, Deloitte Global Internal Audit Leader

| August 14, 2018

As organizations continue to evolve and innovate, new risks arise. Meanwhile, the larger business environment continues to change, often rapidly and in unexpected ways. This places new demands on the internal audit function, which must keep pace with both the organization and emerging risks.

To enhance its organizational impact and influence in today’s business climate of constant disruption, Internal Audit must become more innovative. That is among the key takeaways drawn from the findings of Deloitte Global’s 2018 global survey of over 1,100 Chief Audit Executives (CAEs) from across 40 countries and a full range of industries.

Internal audit needs to innovate to keep pace with and preferably stay ahead of, the issues and risks posed by new business models, processes, technologies, and third-party relationships employed by organizations. This imperative has prompted many Internal Audit functions to employ new technologies and approaches to deliver services more efficiently and effectively. As a result, these functions have typically garnered stronger organizational impact and influence.

In fact, the percentage of respondents who see their groups as having strong impact and influence grew from 28 percent in 2016 to 40 percent this year. Of course, that still leaves 60 percent feeling that they lack strong impact and influence. Similarly, while 46 percent of CAEs believe the larger organization is very aware of Internal Audit, fewer (33 percent) see their function as being viewed very positively within the organization.

So, while there has been progress, there is also work to be done.

The state of the function

Broadly defined, internal audit innovation includes “digital innovation”—advanced analytics, robotic process automation, continuous auditing, visualized reporting, and the like—as well as new approaches to internal audit methods, such as applying principles and practices from agile development to internal audit work – referred to as agile internal audit.

To undertake these innovations, internal audit practitioners typically needs to develop an innovative mindset, adopt new technologies, and access or develop new skills.

Is this happening?

Yes, but not in all Internal Audit functions. For example, from 2016 to 2018, use of advanced analytics increased from 7 percent to 21 percent—a large boost—but that means that nearly four in five internal audit groups still use analytics at basic levels. Use of continuous auditing increased only slightly, from 25 percent to 26 percent, which still leaves three out of four functions without this important capability.

Regarding agile internal auditing, 14 percent of respondents formally operate under agile principles and another 15 percent are considering doing so—rapid adoption for such a new approach. However, 25 percent were not sure what Agile Internal Audit is and another 14 percent are not considering it.

One tantalizing finding concerns robotic process automation (RPA)—the use of scanning technologies and software to execute many of the repetitive manual tasks internal auditors now perform. While seemingly futuristic, RPA is already used by 2 percent of internal audit functions and another 21 percent are considering it. This technology is ready for implementation in internal audit, as is advanced analytics, continuous auditing, and visualized reporting.

Challenges to address

While almost four in ten respondents cited missing skills or talent as the key challenge to increase their impact and influence, nearly one in four do not employ an alternative resourcing model. This is concerning, given that six in ten see implementing internal audit analytics as their top priority and analytics skills are among those most sought-after in the overall marketplace. Alternative resourcing models enable Internal Audit groups to access the skills and capabilities they need in order to adopt innovative approaches, including internal audit analytics, in a flexible manner.

Internal audit groups are also budgeting for innovation, with six in ten CAEs expecting an increase in investment in innovation by their functions over the next three-to-five years. In addition, 71 percent of respondents who believe their functions have a strong impact and influence plan to increase their investment in innovation.

Interestingly, Internal Audit groups in organizations of all sizes are responding to the innovation imperative. For example, 56 percent of internal audit functions with relatively smaller overall budgets (under US$1 million) indicated they expect to increase their investment in innovation, so it is not only large functions that are innovating. In addition, 47 percent of functions that plan on boosting their level of investment in innovation plan on investing up to US$250k in the next five years.

Becoming more innovative begins with seeking relatively incremental efficiencies initially, understanding the ways in which the organization is evolving, knowing which approaches and technologies can best assist internal audit, and learn how to best apply them to internal audit work.

What’s in it for internal audit? In its detailed findings, this survey reveals that the Internal Audit groups taking the most innovative approaches to their work are those that have the greatest impact and influence within their organizations.

Quick Links

MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.